Upgrade Fedify to 1.10.5

dahlia · dahlia · commit ff9f2e13d68d · 2026-03-27T03:54:03.000+09:00
diff --git a/CHANGES.md b/CHANGES.md
@@ -6,6 +6,10 @@ Version 0.7.8
 
 To be released.
 
+ -  Upgraded Fedify to 1.10.5 for security reasons.  [[CVE-2026-34148]]
+
+[CVE-2026-34148]: https://github.com/fedify-dev/fedify/security/advisories/GHSA-gm9m-gwc4-hwgp
+
 
 Version 0.7.7
 -------------
diff --git a/package.json b/package.json
@@ -20,11 +20,11 @@
   },
   "dependencies": {
     "@aws-sdk/credential-providers": "^3.966.0",
-    "@fedify/fedify": "~1.10.4",
-    "@fedify/hono": "~1.10.4",
+    "@fedify/fedify": "~1.10.5",
+    "@fedify/hono": "~1.10.5",
     "@fedify/markdown-it-hashtag": "~0.3.0",
     "@fedify/markdown-it-mention": "~0.3.0",
-    "@fedify/postgres": "~1.10.4",
+    "@fedify/postgres": "~1.10.5",
     "@hexagon/base64": "^2.0.4",
     "@hono/node-server": "^1.19.9",
     "@hono/zod-validator": "^0.7.6",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
